On Tue, Jan 23, 2001 at 06:40:14PM -0800, Renaud Waldura wrote:
> An amusing trick to populate the ARP table is to ping the broadcast address.
> Even if hosts do not reply to your ping packet (typically, Windows
> machines), they are entered in the ARP table.
>
> You still have to send a single packet, but it does all the work.
You can't really assume this will work. FreeBSD has a sysctl
to disable responses to broadcast/multicast ICMP-echo requests.
Exploitation of this "feature" is the basis for several denial
of service attacks. Spoof the origin address to an layer-3
broadcast address and voila, amplified responses. :-(
- Steve
--
C. Stephen Gunn <[EMAIL PROTECTED]> | Waterspout Communications, Inc.
To Unsubscribe: send mail to [EMAIL PROTECTED]
with "unsubscribe freebsd-net" in the body of the message
